- From: Jeffrey E. Sussna <kuanjes@beaver.slip.net>
- Date: Thu, 30 Jul 1998 20:25:27 -0700
- To: "Yaron Goland" <yarong@microsoft.com>, <francis@netscape.com>, <w3c-dist-auth@w3.org>
>In addition the DAV ACL effort (there are two IDs out, one for requirements >and another for protocol) is defining how you can actually set those ACLs in >the first place. Thanks for the RTFM. This is exactly what I had in mind. Given that distributed authoring is so involved with roles, I think including access control in the spec (or a related spec) is crucial. As far as the ACL requirements/spec themselves are concerned, I have a few thoughts: 1. I think we can learn much from the LDAP access control approach (WebDAV ACL's already sound quite similar). For example, the spec leaves open the question of how ACE's are actually represented and accessed. If they are simply special properties, they can be accessed in the same way as other properties. Also if, as in LDAP, an ACE can apply to a property, then the question of controlling access to ACE's themselves is resolved. 2. I think that lock and reserve rights should be added to the list of generic rights. These are first-class WebDAV actions and should be represented as such in the ACL mechanism. Jeff Sussna
Received on Thursday, 30 July 1998 23:28:02 UTC